summaryrefslogtreecommitdiff
path: root/php_suhosin.h
diff options
context:
space:
mode:
Diffstat (limited to 'php_suhosin.h')
-rw-r--r--php_suhosin.h101
1 files changed, 100 insertions, 1 deletions
diff --git a/php_suhosin.h b/php_suhosin.h
index 4b460e4..b80d9b9 100644
--- a/php_suhosin.h
+++ b/php_suhosin.h
@@ -22,7 +22,7 @@
22#ifndef PHP_SUHOSIN_H 22#ifndef PHP_SUHOSIN_H
23#define PHP_SUHOSIN_H 23#define PHP_SUHOSIN_H
24 24
25#define SUHOSIN_EXT_VERSION "0.9.36" 25#define SUHOSIN_EXT_VERSION "0.9.37-dev"
26 26
27/*#define SUHOSIN_DEBUG*/ 27/*#define SUHOSIN_DEBUG*/
28#define SUHOSIN_LOG "/tmp/suhosin_log.txt" 28#define SUHOSIN_LOG "/tmp/suhosin_log.txt"
@@ -39,6 +39,10 @@
39#endif 39#endif
40#endif 40#endif
41 41
42#ifndef PHP_VERSION_ID
43#define PHP_VERSION_ID (PHP_MAJOR_VERSION * 10000 + PHP_MINOR_VERSION * 100 + PHP_RELEASE_VERSION)
44#endif
45
42extern zend_module_entry suhosin_module_entry; 46extern zend_module_entry suhosin_module_entry;
43#define phpext_suhosin_ptr &suhosin_module_entry 47#define phpext_suhosin_ptr &suhosin_module_entry
44 48
@@ -66,6 +70,101 @@ PHP_MINFO_FUNCTION(suhosin);
66 70
67#include "ext/standard/basic_functions.h" 71#include "ext/standard/basic_functions.h"
68 72
73static inline int suhosin_is_protected_varname(char *var, int var_len)
74{
75 switch (var_len) {
76 case 18:
77 if (memcmp(var, "HTTP_RAW_POST_DATA", 18)==0) goto protected_varname;
78 break;
79 case 17:
80 if (memcmp(var, "HTTP_SESSION_VARS", 17)==0) goto protected_varname;
81 break;
82 case 16:
83 if (memcmp(var, "HTTP_SERVER_VARS", 16)==0) goto protected_varname;
84 if (memcmp(var, "HTTP_COOKIE_VARS", 16)==0) goto protected_varname;
85 break;
86 case 15:
87 if (memcmp(var, "HTTP_POST_FILES", 15)==0) goto protected_varname;
88 break;
89 case 14:
90 if (memcmp(var, "HTTP_POST_VARS", 14)==0) goto protected_varname;
91 break;
92 case 13:
93 if (memcmp(var, "HTTP_GET_VARS", 13)==0) goto protected_varname;
94 if (memcmp(var, "HTTP_ENV_VARS", 13)==0) goto protected_varname;
95 break;
96 case 8:
97 if (memcmp(var, "_SESSION", 8)==0) goto protected_varname;
98 if (memcmp(var, "_REQUEST", 8)==0) goto protected_varname;
99 break;
100 case 7:
101 if (memcmp(var, "GLOBALS", 7)==0) goto protected_varname;
102 if (memcmp(var, "_COOKIE", 7)==0) goto protected_varname;
103 if (memcmp(var, "_SERVER", 7)==0) goto protected_varname;
104 break;
105 case 6:
106 if (memcmp(var, "_FILES", 6)==0) goto protected_varname;
107 break;
108 case 5:
109 if (memcmp(var, "_POST", 5)==0) goto protected_varname;
110 break;
111 case 4:
112 if (memcmp(var, "_ENV", 4)==0) goto protected_varname;
113 if (memcmp(var, "_GET", 4)==0) goto protected_varname;
114 break;
115 }
116
117 return 0;
118protected_varname:
119 return 1;
120}
121
122
123#if PHP_VERSION_ID < 50203
124static inline int php_varname_check(char *name, int name_len, zend_bool silent TSRMLS_DC) /* {{{ */
125{
126 if (name_len == sizeof("GLOBALS") - 1 && !memcmp(name, "GLOBALS", sizeof("GLOBALS") - 1)) {
127 if (!silent) {
128 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempted GLOBALS variable overwrite");
129 }
130 return FAILURE;
131 } else if (name[0] == '_' &&
132 (
133 (name_len == sizeof("_GET") - 1 && !memcmp(name, "_GET", sizeof("_GET") - 1)) ||
134 (name_len == sizeof("_POST") - 1 && !memcmp(name, "_POST", sizeof("_POST") - 1)) ||
135 (name_len == sizeof("_COOKIE") - 1 && !memcmp(name, "_COOKIE", sizeof("_COOKIE") - 1)) ||
136 (name_len == sizeof("_ENV") - 1 && !memcmp(name, "_ENV", sizeof("_ENV") - 1)) ||
137 (name_len == sizeof("_SERVER") - 1 && !memcmp(name, "_SERVER", sizeof("_SERVER") - 1)) ||
138 (name_len == sizeof("_SESSION") - 1 && !memcmp(name, "_SESSION", sizeof("_SESSION") - 1)) ||
139 (name_len == sizeof("_FILES") - 1 && !memcmp(name, "_FILES", sizeof("_FILES") - 1)) ||
140 (name_len == sizeof("_REQUEST") -1 && !memcmp(name, "_REQUEST", sizeof("_REQUEST") - 1))
141 )
142 ) {
143 if (!silent) {
144 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempted super-global (%s) variable overwrite", name);
145 }
146 return FAILURE;
147 } else if (name[0] == 'H' &&
148 (
149 (name_len == sizeof("HTTP_POST_VARS") - 1 && !memcmp(name, "HTTP_POST_VARS", sizeof("HTTP_POST_VARS") - 1)) ||
150 (name_len == sizeof("HTTP_GET_VARS") - 1 && !memcmp(name, "HTTP_GET_VARS", sizeof("HTTP_GET_VARS") - 1)) ||
151 (name_len == sizeof("HTTP_COOKIE_VARS") - 1 && !memcmp(name, "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS") - 1)) ||
152 (name_len == sizeof("HTTP_ENV_VARS") - 1 && !memcmp(name, "HTTP_ENV_VARS", sizeof("HTTP_ENV_VARS") - 1)) ||
153 (name_len == sizeof("HTTP_SERVER_VARS") - 1 && !memcmp(name, "HTTP_SERVER_VARS", sizeof("HTTP_SERVER_VARS") - 1)) ||
154 (name_len == sizeof("HTTP_SESSION_VARS") - 1 && !memcmp(name, "HTTP_SESSION_VARS", sizeof("HTTP_SESSION_VARS") - 1)) ||
155 (name_len == sizeof("HTTP_RAW_POST_DATA") - 1 && !memcmp(name, "HTTP_RAW_POST_DATA", sizeof("HTTP_RAW_POST_DATA") - 1)) ||
156 (name_len == sizeof("HTTP_POST_FILES") - 1 && !memcmp(name, "HTTP_POST_FILES", sizeof("HTTP_POST_FILES") - 1))
157 )
158 ) {
159 if (!silent) {
160 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempted long input array (%s) overwrite", name);
161 }
162 return FAILURE;
163 }
164 return SUCCESS;
165}
166#endif
167
69ZEND_BEGIN_MODULE_GLOBALS(suhosin) 168ZEND_BEGIN_MODULE_GLOBALS(suhosin)
70 zend_uint in_code_type; 169 zend_uint in_code_type;
71 long execution_depth; 170 long execution_depth;